OpenVPN AutoStart Ubuntu 18.04
If you save your configuration as a MY_CONNECTION.conf
file in your /etc/openvpn
directory, you can do the following:
systemctl enable openvpn@MY_CONNECTION
systemctl start openvpn@MY_CONNECTION
where MY_CONNECTION is the same from MY_CONNECTION.conf
.
So if you have multiple connections, you would have multiple systemctl
calls.
systemctl enable openvpn@MY_CONNECTION1
systemctl start openvpn@MY_CONNECTION1
systemctl enable openvpn@MY_CONNECTION2
systemctl start openvpn@MY_CONNECTION2
etc.
Below you find the steps I did to configure my Private Internet Access (PIA) OpenVPN tunnel. I use Switzerland.ovpn
to refer to OpenVPN configuration. Please substitute this with the filename appropriate for your configuration.
I used Ubuntu 18.04, but it should work on any Linux distro using systemd. I only don't know if the network-manager will override this or not.
Dependencies
sudo apt update
sudo apt install openvpn
OpenVPN Configuration
-
sudo mkdir /etc/openvpn/PIA
(changePIA
to the name of your choice) -
Download your OpenVPN config files, for example:
sudo wget https://www.privateinternetaccess.com/openvpn/openvpn.zip https://www.privateinternetaccess.com/openvpn/openvpn-strong.zip
(Extract and) copy the config file into the newly creted folder (here,
/etc/openvpn/PIA
)cd /etc/openvpn/PIA
Skip steps 7 to 10 if you do not use a password
- (optional)
sudo touch piapass.txt
- (optional)
sudo chmod 700 piapass.txt
-
(optional) Type
sudo nano piapass.txt
and put the following content (changingusername
andpassword
to the values appropriate for your configuration)username password
(optional) Type
sudo nano Switzerland.ovpn
and change theauth-user-pass
line toauth-user-pass /etc/openvpn/PIA/piapass.txt
- Test the connection
sudo openvpn Switzerland.ovpn
Systemd Startup Service Setup
Change piavpn.service
for whatever name you would like your startup OpenVPN connection service to have.
cd /etc/systemd/system/
sudo touch piavpn.service
sudo chmod 644 piavpn.service
-
Type
sudo nano piavpn.service
and put the following content (make sure to adapt the line starting withExecStart
to match your configuration):[Unit] Description=Private Internet Access VPN (Swiss) After=multi-user.target [Service] Type=idle ExecStart=/usr/sbin/openvpn --config /etc/openvpn/PIA/Switzerland.ovpn [Install] WantedBy=multi-user.target
sudo systemctl daemon-reload
sudo systemctl enable piavpn.service
sudo reboot
After the reboot your OpenVPN connection should be set up automatically on boot.
Indeed @xm88, you want to automatically provide credentials at boot time when openvpn service is started up without user interaction or typing
In your oven config file (.conf on raspbian, but whichever extension is needed in your case)
client
...
auth-user-pass $yourCredentialsFile
[some more config]
<ca>
-----BEGIN CERTIFICATE-----
etc etc
And right next to your config file, a plain text file named $yourCredentialsFile which will contain:
username
password
I must advise this is not best practice in terms of security, because credentials are plain and available to any user who has access to your openvpn config dir /etc/openvpn
, but this will allow openvpn service to auto login when started up at boot time.